package top.lingkang.securityoauth2.server.controller;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;
import top.lingkang.securityoauth2.core.dto.Oauth2Response;
import top.lingkang.securityoauth2.core.entity.ClientDetail;
import top.lingkang.securityoauth2.core.entity.DefaultUserDetail;
import top.lingkang.securityoauth2.core.entity.UserDetail;
import top.lingkang.securityoauth2.core.utils.StringUtils;
import top.lingkang.securityoauth2.server.auth.ClientDetailService;
import top.lingkang.securityoauth2.server.auth.UserDetailService;
import top.lingkang.securityoauth2.server.config.SecurityOauth2Server;
import top.lingkang.securityoauth2.server.error.Oauth2ServerException;

/**
 * @author lingkang
 * Created by 2022/7/1
 * 对外开放的 api
 */
@RestController
public class Oauth2ServerController {
    private final Logger logger = LoggerFactory.getLogger(Oauth2ServerController.class);
    @Autowired
    private UserDetailService userDetailService;
    @Autowired
    private SecurityOauth2Server securityOauth2Server;
    @Autowired
    private ClientDetailService clientDetailService;

    @GetMapping("/oauth2/info")
    public Object info() {
        return new DefaultUserDetail("123", "123", new String[]{"user"});
    }

    @PostMapping("/oauth2/token")
    public Oauth2Response token(String username, String password,
                                String client_id, String grant_type,
                                String client_secret) {
        if (StringUtils.isEmpty(client_id))
            return new Oauth2Response<>().fail("client_id not empty, client_id不能为空");
        if (StringUtils.isEmpty(grant_type))
            return new Oauth2Response<>().fail("grant_type not empty, grant_type不能为空");
        if (StringUtils.isEmpty(client_secret))
            return new Oauth2Response<>().fail("client_secret not empty, client_secret不能为空");
        if (StringUtils.isEmpty(username))
            return new Oauth2Response<>().fail("username not empty, username不能为空");
        try {
            // 验证客户端
            ClientDetail clientDetail = clientDetailService.getClientDetail(client_id, grant_type, client_secret);
            if (StringUtils.isEmpty(clientDetail.client_id())) {
                throw new Oauth2ServerException("ClientDetail 中 client_id 不能为空");
            }
            // 验证账号密码
            UserDetail userDetail = userDetailService.login(username, password);
            if (StringUtils.isEmpty(userDetail.getUsername())) {
                throw new Oauth2ServerException("UserDetail 中 username 不能为空");
            }
            // 构建令牌
            Object login = securityOauth2Server.login(userDetail, clientDetail);

        } catch (Exception e) {
            logger.error("POST /oauth2/token", e);
            return new Oauth2Response<>().fail(e.getMessage());
        }
        return null;
    }

    @PostMapping("/oauth2/client")
    public Object client() {

        return null;
    }
}
